Course Overview

What does a security management professional do?

A security management professional implements multiple layers of interdependent systems such as security, fraud, and resilience mechanisms for the protection of the business and its brand, employees, assets, and data. Recently, security management is becoming relevant as there is an increased dependence of businesses on technology, making them highly susceptible to cyber-attacks and security breaches.

How will this security management professional course benefit me?

This course is very important because several firms would rather infuse resources and money in security management than lose money to a breach of security so there is a high demand of security management professionals in the organisations.

This Zoe training course is designed to provide trainees with a comprehensive guide to becoming successful security management professionals. The course covers the basic components of security management, thereby giving you the relevant expertise and skills to undertake responsibilities in this area.

Course Objectives

The vital objective of this course by Zoe Talent Solutions is to provide trainees with:

• A thorough understanding of all the aspects of security management
• The required expertise and knowledge to train other aspiring security management professionals
• A comprehensive understanding of the various security management procedures and policies ranging from intrusion detection, threat and assessment, and information classification
• A comprehensive understanding of the purpose of security management within a commercial business or organization
• The necessary confidence and experience to build a comprehensive security management structure architecture with tools like user control, security monitoring, reporting, and device controls
• The awareness and understanding required to identify vulnerabilities in the security management structure architecture

Training Methodology

All the courses offered at Zoe Talent Solutions are customized to suit the target audience and are facilitated by professionals from relevant fields. The Zoe training course is very participatory and interactive as it combines video presentations, group presentations, quizzes, direct interaction with the facilitator, and forum activities.

This distinct approach to training by Zoe Talent Solutions is called the Do–Review–Learn–Apply Model.

Organisational Benefits

Professionals undertaking this course by Zoe Talent Solutions will impact their organisations in several ways, some of which include:

• Creation of systems that will secure the company’s resources and decrease the organisation’s vulnerabilities
• Regular training of other employees on security management, such as insider threat awareness and cyber security
• Application of advanced security management systems to assure customers, investors, and regulatory bodies
• Regular training of employees on how to protect the confidentiality and integrity of the organisation’s data
• Reduced operation costs due to efficient security management systems
• Detailed risk and threat assessment and analysis to protect the organisation’s assets and prevent loss
• Adherence to the security industry’s legal and compliance requirements, thus improving the trust of clients, investors, and regulatory bodies

Personal Benefits

Upon completion of this course, trainees will benefit in the ways identified below:

• Increased knowledge on the manner of conducting threat-risk assessments and security audits
• A better understanding of the maintenance of security systems, service offerings, technological capabilities, and service offerings
• Better awareness and understanding to identify and prioritise the various security threats to an organisation
• A thorough understanding of all aspects of security management for career advancement in the relevant field
• Increased expertise and confidence to effectively identify potential threats to an organisation’s security system
• Better understanding of systems and mechanisms that will secure the company’s assets and decrease vulnerabilities
• Complete clarity on the various security management procedures and policies, such as information classification and threat assessment
• Increased knowledge about how to manage information security in an organisation in a way that preserves the relationship between general business, information technology, and information security
• Complete understanding of the various organisational cyber security strategies and policies

Who Should Attend?

• Senior management experts involved in the security management of the company
• Security specialist, security professional, or security supervisor who desires to build a security management professional career
• Employees involved in the security management of the company
• Legal and compliance officers in charge of ensuring that all laws and regulations relating to security management are adhered to
• Any other professional in the security industry who desires to advance their security management career
• Professionals interested in being certified as a security management specialist

Course Outline

Module 1: Overview of Security Management

• Concept
• Purpose
• Benefits
• Importance

Module 2: Security Management Procedures and Policies

• Information classification
• Threat assessment
• Risk assessment and analysis
• Intrusion detection
• Access control
• Physical security

Module 3: Security Management Architecture

• Meaning
• Importance
• How to build a comprehensive security management structure architecture:
• User control
• Security monitoring and reporting
• Device controls
• Identification of vulnerabilities

Module 4: Types of Security Management

• Physical Security Management
• Information Security Management
• Network Security Management
• Cybersecurity Management

Module 5: Physical Security Management

• Meaning and concept
• Benefits
• Types of physical threats
• Physical security best practices
• Create the right security culture in the organization
• A risk-based approach to physical security
• Establishing a physical security plan

Module 6: Information Security Management

• Meaning
• Objectives
• Benefits of information security management system (ISMS)
• Examples of ISMS

Module 7: Network Security Management

• Meaning
• Importance
• Network Security Management best practices:
• Firewall
• Security information and event management
• Network Segmentation
• Email security
• Intrusion prevention systems

Module 8: Cyber Security Management

• Meaning
• Importance
• Types of cyber threats
• Cross-site scripting
• Data breach
• Spyware
• Malware
• Ransomware
• Cyber security management best practices:
• Managing Cyber Risk, Audit, and Compliance
• Digital forensic investigations
• Management of Cryptosystems
• Penetration testing
• Strong cyber defence

Module 9: Duties of a Security Management Professional

• Undertake security, resilience, and fraud risk assessments
• Publish, implement and maintain security policies and procedures
• Prevent terrorist or extremist attacks and information and data theft
• Prevent fraud
• Training and awareness.
• Compliance with regulations and standards
• Investigations

Module 10: Security Management Failures

• Meaning
• Types
• Denial of service and distributed denial of service attacks
• Eavesdrop Attack
• Malware Attacks
• Causes
• Inadequate security audit
• Poor maintenance of hardware and software.
• Inadequate security safety measures.
• Case studies
• Yahoo in 2013
• eBay in 2014
• Facebook in 2018
• Czech Company Avast in 2019

Module 11: Legal and Compliance Aspects of Security

• Laws and regulations on security and privacy
• Private Security and Investigative Services Act (PSISA)
• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Fire Code
• Security compliance
• Meaning
• Benefits
• Tools